Estée Lauder Confirms Data Breach

The Estée Lauder Companies Inc. confirmed a data breach and partial systems shut down and is currently working to understand the full scope of the data obtained. The company reported that an unauthorized third party accessed some of the company’s systems and successfully obtained data.

An investigation is underway, with Estée Lauder working closely with leading cybersecurity experts and law enforcement officials. They also proactively suspended the services of some of their systems and admitted that the incident could cause further disruption to the company’s business operations moving forward.

“Ransomware can seriously impact production, and data theft can lead to very significant regulatory fines, especially for multinational or global organizations,” said Erich Kron, security awareness advocate with cybersecurity company KnowBe4.

ALPHV/BlackCat and Clop, two well-known ransomware actors, are taking credit for the Estée Lauder breach, listing them as victims of separate attacks on their data leak websites. 

Clop, which has impacted over 300 organizations worldwide, noted they have over 131 GB of the company’s data through a MOVEit attack.

On July 18, BlackCat claimed they still had access to the company's systems, even though Mandiant and Microsoft were brought in to respond. BlackCat announced they are still waiting for Estée Lauder's response about the attack, threatening to publicly share information about the stolen files unless the cosmetics leader replies. 

BlackCat dropped hints that the information they have obtained could affect company employees, suppliers, and customers, but Estee Lauder has not confirmed those claims. 

Cybercrime has increased 600% due to the COVID-19 pandemic, with reports that cybercrime will cost companies worldwide an estimated $10.5 trillion annually by 2025, up from $3 trillion in 2015. 

At this time, the company commented that their main focus is on remediation efforts to restore services and systems completely, and is implementing measures to secure their operations and will continue taking additional steps moving as recommended.

“Businesses that want to stay ahead of threats will understand the importance of improving specific security behaviors and treating them as a core value or an active process,” commented Oz Alashe, CEO, CybSafe

This is not the first data breach for Estée Lauder, with the company unknowingly exposing 440 million records through an unprotected database in 2020. No consumer data was impacted through that breach. Still, production, error, CMS, audit, and middleware logs were available to anyone with interact access, along with references to reports and other internal documents.